Claims:1. A method for facilitating secure online transactions, the method comprising:
detecting, by a server, initialization of an online transaction on a first user device of a first user;
determining, by the server, a count of one or more user devices that are present within a proximity distance of the first user device based on the initialization of the online transaction;
evaluating, by the server, an urgency level for the online transaction based on transaction analysis data and one or more preferences of the first user, when the count of the one or more user devices exceeds a device threshold count;
prompting, by the server, based on the evaluated urgency level, the first user, through the first user device, to complete the online transaction at one of a later time-instance using primary information of a payment mode or at a current time-instance using secondary information of the payment mode; and
processing, by the server, the online transaction completed by the first user at one of the current time-instance or the later time-instance.
2. The method of claim 1, further comprising setting, by the server, the online transaction on hold at the current time-instance so as to be completed at the later time-instance, when the evaluated urgency level is below a threshold urgency level, wherein the first user is prompted at the later time-instance to complete the online transaction when the count of the one or more user devices becomes less than the device threshold count.
3. The method of claim 1, wherein the first user is prompted at the current time-instance to complete the online transaction when the evaluated urgency level exceeds a threshold urgency level.
4. The method of claim 1, wherein the primary information is actual financial information of the payment mode, and wherein the secondary information is different from the primary information and is valid for a limited time period such that after the limited time period the secondary information expires.
5. The method of claim 1, further comprising prompting, by the server, the first user, through the first user device, to update the secondary information for the payment mode, when the count of the one or more user devices is below the device threshold count.
6. The method of claim 1, further comprising determining, by the server, whether at least one payment mode of the first user is saved at an online payment platform at which the online transaction is initialized or at a merchant associated with the online transaction, wherein when the payment mode is saved, the secondary information corresponds to one of a temporary authentication parameter set for the payment mode or a one-time use virtual payment mode and when no payment mode is saved, the secondary information corresponds to a digital wallet.
7. The method of claim 1, wherein the transaction analysis data and the one or more preferences of the first user are indicative of one or more types of transactions that are required to be completed without delay.
8. The method of claim 1, wherein the one or more user devices are associated with one or more other users present within the proximity distance of the first user device, and wherein the count of the one or more user devices within the proximity distance of the first user device is indicative of a presence of the first user device in one of a private area or a public area.
9. The method of claim 1, further comprising:
determining, by the server, the device threshold count based on one or more parameters defined by the first user and a real-time location of the first user device; and
updating, by the server, the device threshold count based on an update in the one or more parameters or the real-time location of the first user device.
10. A system for facilitating secure online transactions, the system comprising:
a server configured to:
detect initialization of an online transaction on a first user device of a first user;
determine a count of one or more user devices that are present within a proximity distance of the first user device based on the initialization of the online transaction;
evaluate an urgency level for the online transaction based on transaction analysis data and one or more preferences of the first user, when the count of the one or more user devices exceeds a device threshold count;
prompt, based on the evaluated urgency level, the first user, through the first user device, to complete the online transaction at one of a later time-instance using primary information of a payment mode or at a current time-instance using secondary information of the payment mode; and
process the online transaction completed by the first user at one of the current time-instance or the later time-instance.
11. The system of claim 10, wherein the server is further configured to set the online transaction on hold at the current time-instance so as to be completed at the later time-instance, when the evaluated urgency level is below a threshold urgency level, and wherein the first user is prompted at the later time-instance to complete the online transaction when the count of the one or more user devices becomes less than the device threshold count.
12. The system of claim 10, wherein the first user is prompted at the current time-instance to complete the online transaction when the evaluated urgency level exceeds a threshold urgency level.
13. The system of claim 10, wherein the primary information is actual financial information of the payment mode, and wherein the secondary information is different from the primary information and is valid for a limited time period such that after the limited time period the secondary information expires.
14. The system of claim 10, wherein the server is further configured to prompt, through the first user device, the first user to update the secondary information for the payment mode, when the count of the one or more user devices is below the device threshold count.
15. The system of claim 10, wherein the server is further configured to determine whether at least one payment mode of the first user is saved at an online payment platform at which the online transaction is initialized or at a merchant associated with the online transaction, wherein when the payment mode is saved, the secondary information corresponds to one of a temporary authentication parameter set for the payment mode or a one-time use virtual payment mode and when no payment mode is saved, the secondary information corresponds to a digital wallet.
16. The system of claim 10, wherein the transaction analysis data and the one or more preferences of the first user are indicative of one or more types of transactions that are required to be completed without delay.
17. The system of claim 10, wherein the one or more user devices are associated with one or more other users present within the proximity distance of the first user device, and wherein the count of the one or more user devices within the proximity distance of the first user device is indicative of a presence of the first user device in one of a private area or a public area.
18. The system of claim 10, wherein the server is further configured to:
determine the device threshold count based on one or more parameters defined by the first user and a real-time location of the first user device; and
update the device threshold count based on an update in the one or more parameters or the real-time location of the first user device.
19. A method for facilitating secure online transactions, the method at a server comprising:
detecting initialization of an online transaction on a first user device of a first user;
determining a count of one or more user devices that are present within a proximity distance of the first user device based on the initialization of the online transaction;
evaluating an urgency level for the online transaction based on transaction analysis data and one or more preferences of the first user, when the count of the one or more user devices exceeds a device threshold count;
selecting one of a delayed transaction completion mode or a real-time transaction completion mode for completion of the initialized online transaction based on the evaluated urgency level, wherein:
in the delayed transaction completion mode, the online transaction is put on hold at a current time-instance and completed by the first user at a later time-instance using primary information of a payment mode, and
in the real-time transaction completion mode, the online transaction is completed by the first user at the current time-instance using secondary information of the payment mode; and
processing the completed online transaction.
20. The method of claim 19, wherein the delayed transaction completion mode is selected when the evaluated urgency level is below a threshold urgency level and the real-time transaction completion mode is selected when the evaluated urgency level exceeds the threshold urgency level, and wherein the transaction analysis data and the one or more preferences of the first user are indicative of one or more types of transactions that are required to be completed without delay.
, Description:METHOD AND SYSTEM FOR FACILITATING SECURE ONLINE TRANSACTIONS

BACKGROUND

FIELD OF THE DISCLOSURE

Various embodiments of the disclosure relate generally to online transactions. More specifically, various embodiments of the disclosure relate to a method and a system for facilitating secure online transactions.

DESCRIPTION OF THE RELATED ART

With the advent of computers and the Internet, there has been a significant increase in the number of online and mobile activities. For example, in this tech savvy world, performing online transactions using mobile devices has become an integral part of a user’s day-to-day routine. Such online transactions have significantly increased the ease with which users make e-commerce purchases or transfer funds electronically.
In order to perform online transactions, the users are required to provide, to an online transaction portal, financial information, such as transaction card numbers, card verification values, and/or personal identification numbers of transaction cards. In a scenario where a user is in a crowded public area, entering such sensitive financial information to perform an online transaction may be risky. For example, a bystander may discover the financial information while the user enters it on the online transaction portal. Hence, the user becomes an easy target for fraudulent discovery of the financial information in the crowded public area. To safeguard the financial information, the user may choose to postpone the online transaction. However, if the user is in an urgent need to make the online transaction, postponing the online transaction may not be a valid solution and may cause inconvenience to the user.
In light of the foregoing, there exists a need for a solution that solves the abovementioned problems and helps in safeguarding user’s sensitive financial information, while the user makes online transactions in a crowded public area.
SUMMARY

In an embodiment of the disclosure, a method for facilitating secure online transactions is provided. Initialization of an online transaction on a first user device of a first user is detected by a server. A count of one or more user devices that are present within a proximity distance of the first user device is determined by the server based on the initialization of the online transaction. When the count of the one or more user devices exceeds a device threshold count, an urgency level for the online transaction is evaluated by the server. The urgency level is evaluated based on transaction analysis data and one or more preferences of the first user. Based on the evaluated urgency level, the first user is prompted by the server through the first user device to complete the online transaction at one of a later time-instance using primary information of a payment mode or at a current time-instance using secondary information of the payment mode. The online transaction completed by the first user at one of the current time-instance or the later time-instance is processed by the server.
In another embodiment of the disclosure, a system for facilitating secure online transactions is provided. The system includes a server that is configured to detect initialization of an online transaction on a first user device of a first user. Based on the initialization of the online transaction, the server determines a count of one or more user devices that are present within a proximity distance of the first user device. When the count of the one or more user devices exceeds a device threshold count, the server evaluates an urgency level for the online transaction. The urgency level is evaluated based on transaction analysis data and one or more preferences of the first user. The server prompts the first user, through the first user device, to complete the online transaction at one of a later time-instance using primary information of a payment mode or at a current time-instance using secondary information of the payment mode. The server processes the online transaction completed by the first user at one of the current time-instance or the later time-instance.
In another embodiment of the disclosure, a method, executed at a server, for facilitating secure online transactions is provided. Initialization of an online transaction on a first user device of a first user is detected by the server. A count of one or more user devices that are present within a proximity distance of the first user device is determined by the server based on the initialization of the online transaction. When the count of the one or more user devices exceeds a device threshold count, an urgency level for the online transaction is evaluated by the server. The urgency level is evaluated based on transaction analysis data and one or more preferences of the first user. One of a delayed transaction completion mode or a real-time transaction completion mode is selected by the server for completion of the initialized online transaction based on the evaluated urgency level. In the delayed transaction completion mode, the online transaction is put on hold at a current time-instance and completed by the first user at a later time-instance using primary information of a payment mode. In the real-time transaction completion mode, the online transaction is completed by the first user at the current time-instance using secondary information of the payment mode. The completed online transaction is processed by the server.

BRIEF DESCRIPTION OF DRAWINGS

The accompanying drawings illustrate the various embodiments of systems, methods, and other aspects of the disclosure. It will be apparent to a person skilled in the art that the illustrated element boundaries (e.g., boxes, groups of boxes, or other shapes) in the figures represent one example of the boundaries. In some examples, one element may be designed as multiple elements, or multiple elements may be designed as one element. In some examples, an element shown as an internal component of one element may be implemented as an external component in another, and vice versa.
Various embodiments of the disclosure are illustrated by way of example, and not limited by the appended figures, in which like references indicate similar elements, and in which:
FIG. 1 is a block diagram that illustrates an exemplary environment for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure;
FIG. 2 is a process flow diagram that illustrates an exemplary process for setting secondary information for a payment mode, in accordance with an exemplary embodiment of the disclosure;
FIGS. 3A, 3B, and 3C, collectively represent a process flow diagram that illustrates an exemplary scenario for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure;
FIG. 4 represents an exemplary scenario that illustrates first through fourth user interface (UI) screens rendered on a first user device of FIG. 1 for facilitating a secure online transaction, in accordance with an exemplary embodiment of the disclosure;
FIG. 5 is a block diagram that illustrates an application server of FIG. 1, in accordance with an exemplary embodiment of the disclosure;
FIG. 6 is a block diagram that illustrates system architecture of a computer system, in accordance with an exemplary embodiment of the disclosure;
FIGS. 7A and 7B, collectively represent a flow chart that illustrates a method for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure;
FIG. 8 represents a high-level flow chart that illustrates a method for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure; and
FIG. 9 represents a high-level flow chart that illustrates a method for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure.
Further areas of applicability of the disclosure will become apparent from the detailed description provided hereinafter. It should be understood that the detailed description of exemplary embodiments is intended for illustration purposes only and is, therefore, not intended to necessarily limit the scope of the disclosure.

DETAILED DESCRIPTION OF EMBODIMENTS

The disclosure is best understood with reference to the detailed figures and description set forth herein. Various embodiments are discussed below with reference to the figures. However, those skilled in the art will readily appreciate that the detailed descriptions given herein with respect to the figures are simply for explanatory purposes as the methods and systems may extend beyond the described embodiments. In one example, the teachings presented and the needs of a particular application may yield multiple alternate and suitable approaches to implement the functionality of any detail described herein. Therefore, any approach may extend beyond the particular implementation choices in the following embodiments that are described and shown.
References to “an embodiment”, “another embodiment”, “yet another embodiment”, “one example”, “another example”, “yet another example”, “for example”, and so on, indicate that the embodiment(s) or example(s) so described may include a particular feature, structure, characteristic, property, element, or limitation, but that not every embodiment or example necessarily includes that particular feature, structure, characteristic, property, element or limitation. Furthermore, repeated use of the phrase “in an embodiment” does not necessarily refer to the same embodiment.
OVERVIEW
A user may become an easy target for fraudulent discovery of sensitive financial information when the user enters the financial information to perform an online transaction while being in a crowded public area. For keeping the financial information secure, the user may choose to postpone the online transaction. However, postponing the online transaction may inconvenience the user when the user is in an urgent need to make the online transaction.
Various embodiments of the present disclosure provide a method and a system that solve the abovementioned problems by offering a means to safeguard users’ sensitive financial information, while the users make online transactions in crowded public areas. The system includes a server that detects initialization of an online transaction on a first user device of a first user. Examples of the server may include an e-commerce merchant server, an issuer server, or any third-party server offering the solution. Upon the detection of the initialized online transaction, the server determines a count of other user devices that are present within a proximity distance of the first user device. The other user devices may belong to other users that are present within the proximity distance, and the proximity distance may be a value set by the first user or the server.
When the count of the other user devices is below a device threshold count, the server determines that it is safe to complete the online transaction at the current time-instance and prompts the first user to complete the online transaction by providing primary financial information associated with a payment mode of the first user. However, when the count of the other user devices exceeds the device threshold count, the server determines that it is unsafe to complete the online transaction at the current time-instance and evaluates an urgency level for the online transaction. When the evaluated urgency level is below a threshold urgency level, the server selects a delayed transaction completion mode and when the evaluated urgency level exceeds the threshold urgency level, the server selects a real-time transaction completion mode.
In the delayed transaction completion mode, the server sets the online transaction on hold at the current time-instance so as to be completed at a later time-instance. At the later time-instance, when the count of the other user devices becomes less than the device threshold count, the server prompts the first user to complete the online transaction by utilizing the primary financial information of the payment mode. In the real-time transaction completion mode, the server prompts the first user at the current time-instance to complete the online transaction by utilizing secondary financial information of the payment mode. The secondary financial information is different from the primary financial information and is valid for a limited time period such that after the limited time period, the secondary financial information automatically expires. The secondary financial information may correspond to one of a one-time use virtual payment mode, a temporary authentication parameter set for the payment mode, or a digital wallet. The server then processes the completed online transaction.
The method and system of the disclosure ensure that the primary financial information of the payment mode is not used to complete the online transaction in a crowded public area. When the online transaction is urgent and the first user is in the crowded public area, the method and system of the disclosure provide an option to complete the online transaction using the secondary financial information. Thus, the primary financial information of the first user is safeguarded.
TERMS DESCRIPTION (in addition to plain and dictionary meaning)
Online transaction is a method of payment in which funds are exchanged online between two or more entities via electronic funds transfer. For example, an online transaction may include transferring a transaction amount online (i.e., over the Internet) from a first payment account to a second payment account.
First user device is a user-computing device that is used by a first user for initiating an online payment transaction. Examples of the first user device may include a mobile phone, a smartphone, a laptop, a tablet, a phablet, or the like.
One or more user devices are user-computing devices that are present within a proximity distance of a first user device on which an online transaction is initialized. The one or more user devices belong to one or more other users that are present within the proximity distance of the first user device.
Urgency level refers to a value that indicates how urgent is an online transaction. In one example, the urgency level is a Boolean variable having value ‘0’ or ‘1’, or ‘True’ or ‘False’. Thus, when the urgency level is ‘0’ or ‘False’, the online transaction is considered as not urgent and when the urgency level is ‘1’ or ‘True’, the online transaction is considered as urgent. In another example, the urgency level is a numeric value that lies within a range such that an upper-limit of the range is the highest urgency level an online transaction may attain and the lower-limit of the range is the lowest urgency level the online transaction may attain. Further, one of the values in the range may be defined as a threshold urgency level, such that when the urgency level for an online transaction exceeds the threshold urgency level, the online transaction is considered as urgent and when the urgency level is below the threshold urgency level, the online transaction is considered as not urgent.
Delayed transaction completion mode is an online transaction completion mode, which is selected when a user initializes a non-urgent online transaction in a public area. In the delayed transaction completion mode, completion of the initialized online transaction is deferred to a later time-instance. In other words, the initialized online transaction is put on hold at the current time-instance so as to be completed at the later time-instance when the user has shifted to a private area. At the later time-instance, the user is allowed to use primary financial information of a payment mode to complete the initialized online transaction. For example, the user may initialize an online transaction at 10:00 AM while the user is at a railway station and surrounded by many other users. In such a scenario, the delayed transaction completion mode is selected and the initialized online transaction is put on hold at 10:00 AM. At 10:15 AM, the user may not be surrounded by any other user or may move to another area that is private. Thus, at 10:15 AM, the user is prompted to complete the online transaction, that was put on hold at 10:00 AM, using the primary financial information of user’s payment mode.
Real-time transaction completion mode is an online transaction completion mode, which is selected when a user initializes an urgent online transaction in a public area. In the real-time transaction completion mode, the user is prompted to complete the initialized online transaction at the current time-instance using secondary financial information of a payment mode instead of primary financial information of the payment mode. For example, the user may initialize an online transaction at 10:00 AM for booking a cab while the user is at a railway station and surrounded by many other users. When the online transaction for booking the cab is considered as urgent, the real-time transaction completion mode is selected. Thus, at 10:00 AM, the user is prompted to complete the online transaction using the secondary financial information of user’s payment mode.
Primary information is the actual financial information of a payment mode that when compromised may lead to fraudulent use of the payment mode. The primary information is set for long term use. For example, for a transaction card, the primary information may include an actual card number, an expiry date, a card verification value (CVV) number, a personal identification number (PIN), or the like.
Secondary information is temporary financial information of the payment mode that when compromised may not lead to fraudulent use of the payment mode. The secondary information is different from primary financial information of the payment mode and set for short term use. For example, a one-time use virtual transaction card that is linked to a transaction card may correspond to the secondary information. After the user uses the virtual transaction card, the virtual transaction card expires and hence cannot be used fraudulently by any other user.
Private area refers to a space, within a proximity distance of a user, where a count of other users that are present is below a device threshold count. For example, a 2 meters radius circle encompassing a user may refer to a private area when the count of other users in the circle is less than the device threshold count (e.g., one, two, three, or the like).
Public area refers to a space, within a proximity distance of a user, where a count of other users that are present exceeds a device threshold count. For example, a 2 meters radius circle encompassing a user may refer to a public area when the count of other users inside the circle exceeds the device threshold count (e.g., one, two, three, or the like).
Server is a physical or cloud data processing system on which a server program runs. The server may be implemented in hardware or software, or a combination thereof. In one embodiment, the server may be implemented in computer programs executing on programmable computers, such as personal computers, laptops, or a network of computer systems. The server may correspond to one of an application server, an acquirer server, a payment network server, an issuer server, or a third-party server.
FIG. 1 is a block diagram that illustrates an exemplary environment 100 for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure. The exemplary environment 100 includes first through third user devices 102a-102c of first through third users 104a-104c, respectively. The exemplary environment 100 further includes an application server 106, a merchant server 108, an acquirer server 110, a payment network server 112, and an issuer server 114. The first through third user devices 102a-102c, the application server 106, the merchant server 108, the acquirer server 110, the payment network server 112, and the issuer server 114 communicate with each other by way of a communication network 116 or through separate communication networks established therebetween. For the sake of brevity, the environment 100 is shown to include only three user devices; however, in actual implementation, the environment 100 may include any number of user devices without deviating from the scope of the disclosure.
The first user device 102a is a communication device of the first user 104a. The first user device 102a may include suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, for executing a service application (shown in FIG. 2) hosted by the application server 106 or other mobile applications hosted by the merchant server 108, the payment network server 112, or the issuer server 114. Each service application or mobile application running on the first user device 102a may serve as a gateway to a corresponding host server. The first user device 102a may be used by the first user 104a to access various electronic commerce (e-commerce) websites, web applications, and/or mobile applications to purchase products or avail services. For purchasing the products or availing the services, the first user 104a may be required to perform online payment transactions (hereinafter, referred to as “online transactions”). The first user device 102a may be further used by the first user 104a to perform such online transactions. The first user device 102a includes a global positioning system (GPS) sensor that is configured to detect a current (i.e., a real-time) location of the first user device 102a. Further, the first user device 102a is capable of communicating via the communication network 116 and supports various types of near-field communication (NFC) technologies, such as Bluetooth, Zigbee, Wi-Fi, or the like.
Likewise, the second and third user devices 102b and 102c are communication devices of the second and third users 104b and 104c, respectively. In one embodiment, the second and third user devices 102b and 102c may be configured to execute the service application hosted by the application server 106. The second and third user devices 102b and 102c may be functionally similar to the first user device 102a. Examples of the first through third user devices 102a-102c may include, but are not limited to, mobile phones, smartphones, laptops, tablets, phablets, or other devices that are capable of communicating via the communication network 116.
The first user 104a is an individual, who is an account holder of a first payment account maintained at a financial institution, such as an issuer. The first user 104a may want to perform an online transaction for making an e-commerce purchase or electronically transferring funds from the first payment account to another payment account. The first payment account may be associated with one or more payment modes that enable the first user 104a to initialize various online transactions from the first payment account using the first user device 102a. Examples of such payment modes may include transaction cards (such as debit cards, credit cards, prepaid cards, gift cards, and/or promotional cards), Unified Payment Interface (UPI) links, and/or the like. Each payment mode of the first user 104a may be linked with corresponding primary financial information (hereinafter, referred to as “primary information”). For example, the primary information of a transaction card may include a card number, an expiry date, a card verification value (CVV) code, a primary personal identification number (PIN), a registered mobile number, a registered e-mail id, or the like. The primary information for a UPI link may include a primary PIN. For completing an online transaction using a first payment mode, the first user 104a is required to submit the primary information of the first payment mode. In one embodiment, the first user 104a may electronically save the corresponding payment modes, in an encrypted format, with the service application or the other mobile applications for future use. Likewise, the second and third users 104b and 104c may use the corresponding user devices 102b and 102c and payment modes for performing online transactions.
The application server 106 may include suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, for hosting the service application. The application server 106 is a computing server, an apparatus, or a system that is configured to facilitate secure online transactions. For example, when the application server 106 detects that an online transaction is initialized, using the service application, on the first user device 102a, the application server 106 may be configured to determine whether the first user device 102a is present in a private area or a public area. A surrounding area of the first user device 102a may be categorized into a private area or a public area based on a count of other user devices (e.g., the second and third user devices 102b and 102c) that are present within the surrounding area, e.g., within a proximity distance 118 from the first user device 102a. In one example, the proximity distance 118 may be ‘5 meters (m)’ from the first user device 102a. In another example, the proximity distance 118 may be ‘one kilometer (km)’ from the first user device 102a. The proximity distance 118 may be defined by the first user 104a or the application server 106. In one example, the proximity distance 118 may be a safe distance outside which a display of the first user device 102a is not viewable to any other user.
If the first user device 102a is determined to be present in a private area, the application server 106 may be configured to prompt the first user 104a, through the first user device 102a, to complete the initialized online transaction using the primary information of the first payment mode. However, if the first user device 102a is determined to be present in a public area, the application server 106 may be configured to evaluate an urgency level for the initialized online transaction. Based on the evaluated urgency level, the application server 106 may be configured to select one of a real-time transaction completion mode or a delayed transaction completion mode. In a scenario where the initialized online transaction is urgent, the application server 106 may be configured to select the real-time transaction completion mode and where the initialized online transaction is not urgent, the application server 106 may be configured to select the delayed transaction completion mode.
While operating in the real-time transaction completion mode, the application server 106, without any delay, may prompt the first user 104a to complete the initialized online transaction using secondary financial information of the first payment mode. The secondary financial information (hereinafter, referred to as “secondary information”) of the first payment mode is different from the primary information of the first payment mode and refers to short term use (e.g., one-time use) information that is set by the first user 104a or the application server 106. Examples of the secondary information may include a temporary PIN, a virtual card, or a digital wallet linked to the first payment mode. Thus, once the secondary information is used to complete an online transaction, the secondary information expires. One or more operations involved in the setting of the secondary information for the first payment mode are described later in conjunction with FIG. 2.
While operating in the delayed transaction completion mode, the application server 106 may be configured to defer the completion of the online transaction to a later time-instance. For deferring the completion of the online transaction, the application server 106 may set (or put) the online transaction on hold at the current time-instance, until the later time-instance when the first user device 102a enters any private area. When the first user device 102a is determined to be in a private area, the application server 106 may prompt the first user 104a to complete the online transaction, that was put on hold, using the primary information of the first payment mode. Thus, the application server 106 ensures that the primary information of the first payment mode is not used for completing an online transaction while the first user device 102a is in the public area and surrounded by other users.
The first user 104a may complete the online transaction based on the prompting. Upon the completion of the online transaction, the application server 106 may be configured to process the completed online transaction and communicate encrypted transaction data of the online transaction to the acquirer server 110 that maintains a payment account of a first merchant that corresponds to the online transaction.
The merchant server 108 is a computing server or a payment gateway server operated by the first merchant. The first merchant may establish the corresponding payment account with a financial institution, such as an acquirer, to accept payments for products and/or services that are offered for sale by the first merchant. The merchant server 108 may be configured to host a merchant web application, a merchant mobile application, or a merchant website for enabling users (e.g., the first through third users 104a-104c) to purchase the products and/or services offered for sale by the first merchant. In one embodiment, the merchant server 108 may be configured to facilitate secure online transactions for the e-commerce purchases made by the users through the merchant web application, the merchant mobile application, or the merchant website. To facilitate secure online transactions, the merchant server 108 may perform similar operations as performed by the application server 106 without deviating from the scope of the disclosure.
The acquirer server 110 is a computing server that is operated by the acquirer. The acquirer server 110 may be configured to receive transaction data of the online transactions from the application server 106 and transmit authorization requests to payment networks or issuers for authorizing the corresponding online transactions. The acquirer server 110 may be configured to credit payment accounts of various merchants with transaction amounts, when the corresponding online transactions are authorized.
The payment network server 112 is a computing server that is operated by a payment network and may include suitable logic, circuitry, interfaces, and/or code, executed by the circuitry, for processing transactions. The payment network server 112 represents an intermediate entity between the acquirer server 110 and the issuer server 114 for processing the transactions.
The issuer server 114 is a computing server that is operated by the issuer. The issuer server 114 may include suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, for processing transactions. The issuer is a financial institution that manages payment accounts of multiple users, such as the first user 104a. Account details of the payment accounts, established with the issuer are stored as account profiles in a memory (not shown) of the issuer server 114 or on a cloud server associated with the issuer server 114. The account details may include an account balance, an available credit line, details of an account holder, transaction history of the account holder, account information, or the like. The details of the account holder may include name, age, gender, physical attributes, registered contact number, alternate contact number, registered e-mail ID, or the like of the account holder. The issuer server 114 may be configured to authorize various transactions (e.g., online and offline transactions) based on the authorization requests received from the payment network server 112. The issuer server 114 may further generate authorization responses indicating whether the transactions are approved or declined. Methods for processing transactions via the issuer server 114 will be apparent to a person of ordinary skill in the art and may include processing the transactions via the traditional four-party system or the traditional three-party system.
Examples of the application server 106, the merchant server 108, the acquirer server 110, the payment network server 112, and the issuer server 114 may include, but are not limited to, computers, laptops, mini-computers, mainframe computers, any non-transient and tangible machines that can execute a machine-readable code, cloud-based servers, distributed server networks, a network of computer systems, or a combination thereof.
Though the application server 106 is shown to be a standalone entity in FIG. 1, in other embodiments, the application server 106 may be integrated with the merchant server 108, the acquirer server 110, the payment network server 112, or the issuer server 114 without deviating from the scope of the disclosure. For example, if the application server 106 is integrated with the merchant server 108, the functionality of the application server 106 may be implemented by the merchant server 108. Likewise, if the application server 106 is integrated with the issuer server 114, the functionality of the application server 106 may be implemented by the issuer server 114.
The communication network 116 is a medium through which content and messages are transmitted between the first through third user devices 102a-102c, the application server 106, the merchant server 108, the acquirer server 110, the payment network server 112, and the issuer server 114, or other entities involved in transaction processing. Examples of the communication network 116 may include, but are not limited to, a Wi-Fi network, a light fidelity (Li-Fi) network, a local area network (LAN), a wide area network (WAN), a metropolitan area network (MAN), a satellite network, the Internet, a fiber optic network, a coaxial cable network, an infrared (IR) network, a radio frequency (RF) network, and combinations thereof. Various entities in the exemplary environment 100 may connect to the communication network 116 in accordance with various wired and wireless communication protocols, such as Transmission Control Protocol and Internet Protocol (TCP/IP), User Datagram Protocol (UDP), Long Term Evolution (LTE) communication protocols, Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), Domain Network System (DNS) protocol, Common Management Interface Protocol (CMIP), or any combination thereof.
FIG. 2 is a process flow diagram 200 that illustrates an exemplary process for setting secondary information for a payment mode, in accordance with an exemplary embodiment of the disclosure. Hereinafter, the service application hosted by the application server 106 is designated and referred to as “the service application 202”. The service application 202 may be an online payment platform that allows users to perform online transactions for purchases or transfer of funds. The service application 202 is executable on the first user device 102a and may serve as a gateway to the application server 106.
The first user 104a may access (i.e., opens or logs-in to) the service application 202 executed on the first user device 102a (as shown by arrow 204). The service application 202 may access the GPS sensor in the first user device 102a to obtain location coordinates of a current location of the first user device 102a. Since the first user device 102a is in the possession of the first user 104a, the current location of the first user device 102a is also the current location of the first user 104a. The obtained location coordinates are then communicated to the application server 106 by the service application 202 running on the first user device 102a. Based on the received location coordinates, the application server 106 may detect the current (i.e., real-time) location of the first user device 102a (as shown by arrow 206).
The application server 106 may utilize the current location of the first user device 102a to determine a device threshold count for the first user device 102a (as shown by arrow 206). The device threshold count represents an upper limit on a count of other user devices that are allowed to be present within the proximity distance 118 for an area to be marked as private area for the first user device 102a. In other words, the surrounding area of the first user 104a is marked as a private area (i.e., an area for secure online transactions) when the count of other user devices within the proximity distance 118 of the first user device 102a is less than the device threshold count. For example, if the current location of the first user device 102a indicates that the first user 104a is in a shopping mall, the device threshold count may be determined as ‘five. Likewise, the surrounding area of the first user 104a is marked as public area (i.e., an area unsecure for online transactions) when the count of other user devices within the proximity distance 118 of the first user device 102a is greater than or equal to the device threshold count. In another example, if the current location of the first user device 102a indicates that the first user 104a is at a railway platform, the device threshold count may be determined as ‘1’. Thus, the count of the one or more user devices within the proximity distance 118 of the first user device 102a is indicative of a presence of the first user device 102a in one of a private area or a public area. The application server 106 may further determine the device threshold count based on one or more parameters defined by the first user 104a. The one or more parameters may include location tags assigned by the first user 104a to trusted locations. For example, the first user 104a may have tagged a first location as ‘home’, a second location as ‘office’, a third location as ‘friend’s place’, or the like. In such a scenario, if the current location of the first user device 102a is a trusted location, the device threshold count may be set to a higher value in comparison to the device threshold count for an untrusted location. The one or more parameters may further include device threshold rules specified by the first user 104a. For example, the first user 104a may have instructed the application server 106 to set the device threshold count to ‘5’, when the first user device 102a is present at ‘office’ location. Likewise, the first user 104a may have instructed the application server 106 to set the device threshold count to ‘1’ for an untrusted location. For the sake of brevity, it is assumed that the device threshold count is determined as ‘two’.
Upon the determination of the device threshold count, the application server 106 may determine the count of other user devices that are present within the proximity distance 118 of the first user device 102a (as shown by arrow 210). In one embodiment, the application server 106 may determine the count of other user devices based on the current location of other user devices that have the service application 202 running thereon. For example, the application server 106 may determine that out of 100 user devices on which the service application 202 run, the current location of only one user device, e.g., the second user device 102b, indicates presence within the proximity distance 118. In another embodiment, the application server 106 may determine the count of other user devices based on NFC information received from the first user device 102a. The NFC information may indicate various user devices that are present within the NFC communication range (e.g., the proximity distance 118) of the first user device 102a. For example, Bluetooth on the first user device 102a may detect the presence of the second user device 102b when Bluetooth on the second user device 102b is turned on. Thus, when only one other user device is present in the Bluetooth range of the first user device 102a, the application server 106 may determine the count of other user devices to be one. In another embodiment, the application server 106 may determine the count of other user devices based on connectivity of the other user devices to the same Wi-Fi hotspot, router, or modem to which the first user device 102a is connected. For example, when only one other user device (e.g., the second user device 102b) is connected to the same Wi-Fi hotspot to which the first user device 102a is connected, the application server 106 may determine the count of other user devices to be one. In another embodiment, the application server 106 may utilize all three abovementioned techniques simultaneously to determine the count of other user devices. For the sake of brevity, it is assumed that the application server 106 determines that the count of other user devices that are present within the proximity distance 118 of the first user device 102a is ‘one’, i.e., less than the device threshold count ‘two’.
The application server 106 marks the surrounding area (i.e., the proximity distance 118) of the first user device 102a as private area when the count of other user devices that are present within the proximity distance 118 of the first user device 102a is less than the device threshold count. When the first user device 102a is determined to be in the private area, the application server 106 may prompt the first user 104a to save a payment mode (e.g., a first transaction card) with the service application 202 for future use. The application server 106 may prompt the first user 104a by displaying a message (e.g., a short message service, a push notification, or the like) on the first user device 102a by way of the service application 202. In a scenario where a payment mode (e.g., the first transaction card) of the first user 104a is already saved with the service application 202, the application server 106 may prompt the first user 104a to define (or set) a temporary authentication parameter (i.e., the secondary information) for the saved first transaction card (as shown by arrow 212). The temporary authentication parameter may correspond to a temporary PIN that is different from the actual PIN of the first transaction card and has a short-term validity (e.g., one-time use validity).
In response to the prompting, the first user 104a may access the service application 202 to set the temporary PIN for the first transaction card (as shown by arrow 214). The temporary PIN is communicated by the first user device 102a to the application server 106 in an encrypted format (as shown by arrow 216). In one embodiment, for ensuring data security to the first user 104a, the application server 106 may not store any instance of the temporary PIN in a corresponding memory. The application server 106 may communicate the encrypted temporary PIN to the payment network server 112 that corresponds to the first transaction card (as shown by arrow 218) and the payment network server 112 may communicate the encrypted temporary PIN to the issuer server 114 that issued the first transaction card (as shown by arrow 220). In one embodiment, before linking the temporary PIN to the first transaction card, the issuer server 114 may authenticate the first user 104a by using one or more authentication schemes known in the art. Once the first user 104a is authenticated, the issuer server 114 may link the temporary PIN to the first transaction card (as shown by arrow 222) and notify the first user 104a by communicating a notification to the first user device 102a (as shown by arrow 224).
In another embodiment, when the application server 106 detects that the temporary PIN linked to the first transaction card has expired, the application server 106 may further prompt the first user 104a, while the first user 104a is in a private area, to set a new temporary PIN for the first transaction card. It will be apparent to those of skill in the art that the new temporary PIN may be set in a similar manner as described in the foregoing, without deviating from the scope of the disclosure.
FIGS. 3A, 3B, and 3C, collectively represent a process flow diagram 300 that illustrates an exemplary scenario for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure. The process flow diagram 300 is described for an online transaction initialized by the first user 104a using the first user device 102a.
With reference to FIG. 3A, the first user 104a may access the service application 202 (as shown by arrow 302) executed on the first user device 102a for initializing (or initiating) an online transaction (as shown by arrow 304). In one example, the online transaction may be initialized when the first user 104a selects the service application 202 to make online payment to the first merchant or another payee. As the service application 202 is a gateway to the application server 106, the application server 106 detects the initialization of the online transaction on the first user device 102a (as shown by arrow 306). The application server 106 then detects a current location of the first user device 102a (as shown by arrow 308). The application server 106 may detect the current location based on location coordinates of the first user device 102a that are received from the service application 202.
Based on the current location of the first user device 102a and the one or more parameters defined by the first user 104a, the application server 106 may determine a device threshold count for the first user device 102a (as shown by arrow 310). The determination of the device threshold count has been explained in the foregoing description of FIG. 2. For the sake of brevity, it is assumed that the device threshold count determined by the application server 106 is ‘one’. Upon the determination of the device threshold count, the application server 106 determines a count of other user devices that are present within the proximity distance 118 of the first user device 102a (as shown by arrow 312). The determination of the count of other user devices has been explained in FIG. 2. For the sake of brevity, it is assumed that only the second user device 102b is present within the proximity distance 118. Thus, the application server 106 determines that only one other user device is present within the proximity distance 118.
In a scenario, when the count of other user devices that are present within the proximity distance 118 of the first user device 102a is less than the device threshold count, the application server 106 marks the surrounding area of the first user device 102a as the private area. When the first user 104a is in the private area, the application server 106 allows the first user 104a to complete the initialized online transaction at the current time-instance without any delay. The application server 106 may prompt the first user 104a, through the first user device 102a, to complete the initialized online transaction by using the primary information of the first transaction card. However, in the current scenario, the count of other user devices (i.e., 1) that are present within the proximity distance 118 of the first user device 102a is equal to the device threshold count (i.e., ‘1’). In such a scenario, the application server 106 marks the surrounding of the first user device 102a as the public area and determines that it is unsafe to complete the online transaction using the primary information.
When the count of other user devices that are present within the proximity distance 118 of the first user device 102a is greater than or equal to the device threshold count, the application server 106 may evaluate an urgency level for the online transaction (as shown by arrow 314). In other words, when the first user device 102a is determined to be in the public area, the application server 106 evaluates the urgency level for the online transaction. The urgency level may indicate a degree of urgency associated with an online transaction. In one embodiment, the urgency level may be a Boolean variable having values ‘0’ or ‘1’, or ‘True’ or ‘False’. In such a scenario, when the urgency level is ‘0’ or ‘False’, the online transaction is considered as not urgent. When the urgency level is ‘1’ or ‘True’, the online transaction is urgent and required to be completed without delay. In another embodiment, the urgency level may be a numerical value that lies in a defined range. In such a scenario, an online transaction is considered to be urgent when the urgency level is greater than or equal to a threshold urgency level, and the online transaction is considered not urgent when the urgency level is below the threshold urgency level.
The application server 106 may be configured to determine the urgency level for the online transaction based on transaction analysis data and one or more preferences specified by the first user 104a. The transaction analysis data and the one or more preferences are indicative of various types of transactions that are required to be completed without any delay. For example, in the one or more preferences, the first user 104a may have defined all grocery and healthcare related online transactions to be urgent. Likewise, the first user 104a may have specified all cab booking related online transactions to be urgent. The transaction analysis data may represent a dataset that is indicative of the types of transactions that require immediate completion. For example, online transactions (such as flight booking transactions, cab booking transactions, movie ticket booking transactions, health care related transactions, or the like) which if delayed may result in an increased price of the commodity, unavailability of the commodity, or the like, are regarded as urgent. In another scenario, the application server 106 may be configured to regard an online transaction as urgent, when the current location of the first user 104a is inside a merchant premise and the online transaction is initialized for making a payment to the same merchant. For example, the first user 104a may visit a merchant store for buying a first item and may opt to perform an online transaction for making a payment for the purchase. The application server 106 may be configured to regard such an online transaction as urgent. The types of online transactions that are determined as urgent by the application server 106 or the first user 104a have the urgency level as ‘1’, ‘True’, or greater than the threshold urgency level. The application server 106 may utilize various artificial intelligence (AI) and machine learning algorithms to evaluate the urgency level for the online transaction as described later in FIG. 5.
Based on the evaluation of the urgency level for the online transaction, the application server 106 may be configured to select one of a first mode or a second mode of operation (as shown by arrow 316). The first mode is the delayed transaction completion mode and the second mode is the real-time transaction completion mode. The application server 106 may select the delayed transaction completion mode when the evaluated urgency level is below the threshold urgency level, ‘0’, or ‘False’, and the real-time transaction completion mode when the evaluated urgency level is greater than or equal to the threshold urgency level, ‘1’, or ‘True’. The functions performed by the application server 106 in the delayed transaction completion mode and the real-time transaction completion mode are described later in conjunction with FIGS. 3B and 3C, respectively.
With reference to FIG. 3B, the application server 106 may have selected to operate in the delayed transaction completion mode based on the urgency level of the online transaction. While operating in the delayed transaction completion mode, the application server 106 may set the online transaction on hold at the current time-instance t1 (as shown by arrow 318). The application server 106 may keep the online transaction on hold until a later time-instance t2 when the count of the other user devices within the proximity distance 118 becomes less than the device threshold count. For example, the second user device 102b may move out of the proximity distance 118 at the later time-instance t2, thereby making the count of the other user devices within the proximity distance 118 ‘0’, i.e., less than the device threshold count ‘1’. In other words, when the evaluated urgency level is below the threshold urgency level, ‘0’, or ‘False’, the application server 106 may defer the completion of the online transaction to the later time-instance t2.
At the later time-instance t2, when the application server 106 determines that the count of the other user devices within the proximity distance 118 is less than the device threshold count, the application server 106 may prompt the first user 104a to complete the online transaction using the primary information of the first transaction card (as shown by arrow 320). The application server 106 may prompt the first user 104a by displaying a message (e.g., a short message service, a push notification, or the like) on the first user device 102a by way of the service application 202. In response to the prompting, the first user 104a completes the online transaction by using the primary information of the first transaction card (as shown by arrow 322). In one example, when the first transaction card is saved with the service application 202 or with the merchant, the first user 104a may provide the actual PIN of the first transaction card as the primary information for completing the online transaction. In another example, when the first transaction card is not saved with the service application 202 or with the merchant, the first user 104a may provide the actual PIN and other card details of the first transaction card as the primary information for completing the online transaction.
The primary information is communicated by the first user device 102a to the application server 106 in an encrypted format (as shown by arrow 324). In one embodiment, for ensuring data security to the first user 104a, the application server 106 may not store any instance of the primary information in the corresponding memory. Upon receiving the encrypted primary information, the application server 106 may process the completed online transaction (as shown by arrow 326) and communicate the transaction details of the online transaction to the acquirer server 110 for further processing. Based on the transaction details, the acquirer server 110 may generate an authorization request for the online transaction and communicate the authorization request to the payment network server 112 that corresponds to the first transaction card used for completing the online transaction. The payment network server 112 may communicate the authorization request to the issuer server 114 that issued the first transaction card. The issuer server 114 may authorize the online transaction for approval or denial. In a scenario where the online transaction is approved, a transaction amount of the online transaction is deducted from the first payment account of the first user 104a and transferred to the payment account of the merchant or any other payee.
With reference to FIG. 3C, the application server 106 may have selected to operate in the real-time transaction completion mode based on the urgency level of the online transaction. While operating in the real-time transaction completion mode, the application server 106 may determine, at the current time-instance t1, whether any payment mode of the first user 104a is saved with the service application 202 or with the first merchant (as shown by arrow 328).
In an exemplary scenario where the first transaction card is saved with the service application 202 or with the first merchant, the application server 106 may determine whether the first user 104a has set any temporary PIN for the saved first transaction card. When the application server 106 determines that the temporary PIN was set and is valid, the application server 106 may prompt the first user 104a to complete the online transaction at the current time-instance t1 using the temporary PIN as the secondary information (as shown by arrow 330). When the application server 106 determines that the temporary PIN has not been set or has expired, the application server 106 may generate a virtual transaction card or a virtual token linked to the first transaction card for the online transaction. In one embodiment, the application server 106 may request the issuer server 114 to generate the virtual transaction card or the virtual token for the online transaction. The virtual transaction card may be a short-term use (e.g., one-time use) transaction card and may only be used for completing the initialized online transaction. The virtual transaction card or the virtual token is then presented to the first user 104a through the first user device 102a. The application server 106 may then prompt the first user 104a to complete the online transaction at the current time-instance t1 using the generated virtual transaction card or the virtual token as the secondary information. In another exemplary scenario where no payment mode is saved with the service application 202 or with the first merchant, the application server 106 may prompt the first user 104a to complete the online transaction at the current time-instance t1 using a digital wallet linked to the first payment mode as the secondary information. The application server 106 may prompt the first user 104a by displaying a message (e.g., a short message service, a push notification, or the like) on the first user device 102a by way of the service application 202.
In response to the prompting, the first user 104a may complete the online transaction at the current time-instance t1 by using the secondary information that is one of the temporary PIN, the virtual card, or the digital wallet (as shown by arrow 332). The secondary information is communicated by the first user device 102a to the application server 106 in an encrypted format (as shown by arrow 334). Upon receiving the encrypted secondary information, the application server 106 may process the completed online transaction (as shown by arrow 336) and communicate the transaction details of the online transaction to the acquirer server 110 for further processing. Based on the transaction details, the acquirer server 110 may generate an authorization request for the online transaction and communicate the authorization request to the payment network server 112 that corresponds to the first transaction card used for completing the online transaction. The payment network server 112 may communicate the authorization request to the issuer server 114 that issued the first transaction card. The issuer server 114 may authorize the online transaction for approval or denial.
In one embodiment, the application server 106 may be operating in the delayed transaction completion mode and have put an online transaction on hold due to a low urgency level at the current time-instance t1. In such a scenario, the application server 106 may be configured to continuously monitor the urgency level of the online transaction. The urgency level of an online transaction may vary based on a change in a state of a commodity associated with the online transaction. For example, the urgency level of an online transaction for movie ticket booking may increase when a count of available movies tickets decreases. If the application server 106 determines that the first user device 102a is still in a public area and the real-time urgency level is greater than the threshold urgency level, the application server 106 may switch from the delayed transaction completion mode to the real-time transaction mode.
In one embodiment, the merchant server 108 may be configured to facilitate secure online transactions for e-purchases made from the merchant website, web application, or mobile application. In such a scenario, the merchant server 108 may execute similar operations as executed by the application server 106 in the process flow diagram 300, without deviating from the scope of the disclosure.
FIG. 4 represents an exemplary scenario 400 that illustrates first through fourth user interface (UI) screens 402a-402d rendered on the first user device 102a for facilitating a secure online transaction, in accordance with an exemplary embodiment of the disclosure.
The first user 104a may have selected one or more items for purchase through an e-commerce website or a mobile application. The first UI screen 402a displays the items (e.g., ‘Item 1’, ‘Item 2’, and ‘Item 3’) selected by the first user 104a for purchasing. Further, the first user 104a may have selected the service application 202 for performing an online transaction to pay for the selected items. The first UI screen 402a may include a ‘Proceed to Check-out” button 404 for enabling the first user 104a to initialize an online transaction for the purchase of the selected items. When the first user 104a clicks on the ‘Proceed to Check-out” button 404, the application server 106 detects the initialization of the online transaction and determines the count of other user devices that are present within the proximity distance 118 of the first user device 102a. When the count of other user devices exceeds the device threshold count, the second UI screen 402b may be presented on the first user device 102a.
The second UI screen 402b may display a warning message to notify the first user 104a that the surrounding area of the first user 104a is a public area and may not be safe for conducting an online transaction. The second UI screen 402b may further include a ‘Yes’ button 406a and a ‘No, wait’ button 406b to obtain a preference of the first user 104a on whether the first user 104a wants to complete the online transaction now, i.e., at the current time-instance t1.
In a scenario where the evaluated urgency level for the online transaction is ‘1’ or the first user 104a selects the ‘Yes’ button 406a, the third UI screen 402c may be presented on the first user device 102a. The third UI screen 402c may be further presented when the evaluated urgency level for the online transaction is ‘0’ and the first user 104a selects the ‘Yes’ button 406a. The third UI screen 402c may display a first input field 408 for the first user 104a to enter the temporary PIN as the secondary information for the saved first transaction card (i.e., xxxx xxxx xxxx 2333). The third UI screen 402c may further display a submit button 410, which is selectable by the first user 104a for submitting the temporary PIN. When the first user 104a provides the temporary PIN, and selects or activates the submit button 410, the online transaction is completed and processed by the application server 106. The third UI screen 402c may further display a ‘Generate virtual card’ option 412 for the first user 104a. The first user 104a may select the ‘Generate virtual card’ option 412 when the first user 104a wants to use a virtual transaction card as the secondary information for completing the online transaction.
The fourth UI screen 402d may be presented on the first user device 102a when the online transaction has been successfully completed by the first user 104a using the secondary information or the primary information of the first transaction card.
FIG. 5 is a block diagram that illustrates the application server 106, in accordance with an exemplary embodiment of the disclosure. The application server 106 includes processing circuitry 502, a memory 504, and a transceiver 506. The processing circuitry 502, the memory 504, and the transceiver 506 communicate with each other by way of a communication bus 508.
The processing circuitry 502 includes suitable logic, circuitry, interfaces, and/or code, executable by the circuitry, for facilitating secure online transactions initialized by using the service application 202. Examples of the processing circuitry 502 may include, but are not limited to, an application specific integrated circuit (ASIC) processor, a reduced instruction set computer (RISC) processor, a complex instruction set computer (CISC) processor, a field programmable gate array (FPGA), or the like. The processing circuitry 502 may include a memory manager 510, a payment application host 512, a virtual card generator 514, a transaction analysis engine 516, and a transaction security manager 518.
The memory manager 510 may be configured to manage the memory 504 of the application server 106. The memory manager 510 may be configured to temporarily store, in the memory 504, one or more details of an initialized online transaction when the online transaction is put on hold. The stored details may include a transaction identifier, a list of the items that the first user 104a has selected to purchase, a transaction amount of the online transaction, or the like. The memory manager 510 may be configured to execute various memory management operations (such as, storing data, updating stored data, or deleting the data) for managing the memory 504.
The payment application host 512 may be configured to host the service application 202 that is executable on various user devices, such as the first through third user devices 102a-102c. The payment application host 512 further allows the first through third user devices 102a-102c to initialize online transactions using the service application 202.
The virtual card generator 514 is configured to generate the virtual transaction card when the real-time transaction completion mode is selected for an online transaction and the temporary PIN has not been set or has expired for the saved payment mode of the first user 104a. The virtual transaction card is a one-time use virtual payment card that may have a limited spending capacity as per the transaction amount of the online transaction.
The transaction analysis engine 516 is configured to analyze the transaction analysis data to determine the list of transaction types that are urgent. The transaction analysis engine 516 may employ AI and machine learning algorithms, such as supervised, unsupervised, semi-supervised, or reinforcement machine learning algorithms for operation thereof. Typically, the AI and machine learning algorithms refer to a category of algorithms employed by a system that allows the system to become more accurate in predicting outcomes and/or performing tasks, without being explicitly programmed. The transaction analysis engine 516 may be configured to utilize supervised or unsupervised learning to evaluate the urgency level of the online transactions.
In one embodiment, the transaction analysis engine 516 may be provided with a dataset of online transactions (i.e., the transaction analysis data) that are tagged as urgent and non-urgent. The transaction analysis engine 516 may then identify one or more relationship parameters between the online transactions that are tagged as urgent. For example, train booking transactions and flight booking transactions may be tagged as urgent in the dataset. The transaction analysis engine 516 may identify that commodities that have time varying state correspond to urgent transactions. Likewise, the transaction analysis engine 516 may identify other relationship parameters for the urgent and non-urgent online transactions and determine the threshold urgency level. Thus, when the urgency level is to be evaluated for a new online transaction, the transaction analysis engine 516 may be configured assess similarity between the new online transaction and the previously tagged urgent online transactions on the basis of the identified relationship parameters. High similarity between the new online transaction and the previously tagged urgent online transactions may result in a high urgency level. In one embodiment, the first user 104a may select the ‘Yes’ button 406a for completing an online transaction at the current time-instance, even when the evaluated urgency level for the online transaction is ‘0’. In such a scenario, the transaction analysis engine 516 may record this instance as a feedback and mark a similar online transaction for the next time as urgent.
The transaction security manager 518 is configured to select the mode of operation for the application server 106 based on the evaluated urgency level of the online transaction. The transaction security manager 518 may determine the count of other user devices that are present within the proximity distance 118 of the first user device 102. When the count of other user devices exceeds or equals the device threshold count, the transaction security manager 518 may instruct the transaction analysis engine 516 to evaluate the urgency level for the online transaction initialized on the first user device 102a. The transaction security manager 518 may further determine and update the device threshold count based on the current location of the first user device 102a and the one or more parameters specified by the first user 104a (as described in FIG. 2). The transaction security manager 518 may further control the operations of the application server 106 (as described in FIGS.3B and 3C), while the application server 106 operates in the real-time transaction completion mode or the delayed transaction completion mode.
The memory 504 may include suitable logic, circuitry, interfaces, and/or codes, executable by the circuitry, for storing the details of the online transactions that are put on hold by the transaction security manager 518. Examples of the memory 504 may include, but are not limited to, a random-access memory (RAM), a read-only memory (ROM), a removable storage drive, a hard-disk drive (HDD), a flash memory, a solid-state memory, or the like. It will be apparent to a person of ordinary skill in the art that the scope of the disclosure is not limited to realizing the memory 504 in the application server 106, as described herein. In another embodiment, the memory 504 may be realized in form of a database server or a cloud storage working in conjunction with the application server 106, without departing from the scope of the disclosure.
The transceiver 506 may include suitable logic, circuitry, interfaces and/or code, executable by the circuitry, for transmitting and receiving data over the communication network 116 using one or more communication protocols. The transceiver 506 transmits various requests and messages to and receives various requests and messages from, the first user device 102a, the acquirer server 110, and the issuer server 114. Examples of the transceiver 506 may include, but are not limited to, an antenna, a radio frequency transceiver, a wireless transceiver, a Bluetooth transceiver, an Ethernet port, a universal serial bus (USB) port, or any other device configured to transmit and receive data.
It will be apparent to a person of ordinary skill in the art that other entities, offering a similar solution for facilitating secure online transactions, may be structurally similar to the application server 106. Examples of such entities may include, but are not limited to, the merchant server 108, the acquirer server 110, the payment network server 112, or the issuer server 114.
FIG. 6 is a block diagram that illustrates system architecture of a computer system 600, in accordance with an exemplary embodiment of the disclosure. An embodiment of disclosure, or portions thereof, may be implemented as computer readable code on the computer system 600. In one example, the first through third user devices 102a-102c, the merchant server 108, the acquirer server 110, the payment network server 112, and the issuer server 114 may be implemented as the computer system 600.
Hardware, software, or any combination thereof may embody modules and components used to implement methods of FIGS. 7A and 7B and 8. The computer system 600 includes a processor 602 that may be a special-purpose or a general-purpose processing device. The processor 602 may be a single processor, multiple processors, or combinations thereof. Further, the processor 602 may be connected to a communication infrastructure 604, such as a bus, message queue, multi-core message-passing scheme, and the like. The computer system 600 may further include a main memory 606 and a secondary memory 608. Examples of the main memory 606 may include a RAM, a ROM, and the like. The secondary memory 608 may include an HDD or a removable storage drive, such as a floppy disk drive, a magnetic tape drive, a compact disc, an optical disk drive, a flash memory, and the like.
The computer system 600 further includes an input/output (I/O) interface 610 and a communication interface 612. The I/O interface 610 includes various input and output devices that are configured to communicate with the processor 602. Examples of the input devices may include a keyboard, a mouse, a joystick, a touchscreen, a microphone, and the like. Examples of the output devices may include a display screen, a speaker, headphones, and the like. The communication interface 612 may be configured to allow data to be transferred between the computer system 600 and various devices that are communicatively coupled to the computer system 600. Examples of the communication interface 612 may include a modem, a network interface, i.e., an Ethernet card, a communications port, and the like. Data transferred via the communication interface 612 may correspond to signals, such as electronic, electromagnetic, optical, or other signals as will be apparent to a person skilled in the art.
FIGS. 7A and 7B, collectively represent a flow chart 700 that illustrates a method for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure. The first user 104a may utilize the service application 202 running on the first user device 102a for initializing an online transaction.
With reference to FIG. 7A, at step 702, the application server 106 may detect the initialization of the online transaction on the first user device 102a. At step 704, based on the initialization of the online transaction on the first user device 102a, the application server 106 may detect a current location of the first user device 102a. At step 706, the application server 106 may determine (or update) the device threshold count for the first user device 102a that is present at the detected location. At step 708, the application server 106 may determine the count of other user devices that are present within the proximity distance 118 of the first user device 102a (as described in FIG. 2). The other user devices correspond to other users that are present within the proximity distance 118.
At step 710, the application server 106 may determine whether the count of other user devices is greater than or equal to the device threshold count. If at step 710, the application server 106 determines that the count of other user devices is less than the device threshold count, the process proceeds to step 712. At step 712, the application server 106 may prompt the first user 104a, through the first user device 102a, to complete the online transaction at the current time-instance using the primary information of the first transaction card (i.e., the payment mode). Based on the prompting, the first user 104a may complete the online transaction at the current time-instance using the primary information. At step 714, the application server 106 may process the completed online transaction and may communicate the transaction details of the online transaction to the issuer server 114 for authorization of the online transaction. If at step 710, the application server 106 determines that the count of other user devices is greater than or equal to the device threshold count, the process proceeds to step 716.
With reference to FIG. 7B, at step 716, the application server 106 may evaluate the urgency level for the online transaction. The urgency level may be evaluated based on the transaction analysis data and the one or more preferences of the first user 104a (as described in FIGS. 3 and 5). At step 718, the application server 106 may determine whether the evaluated urgency level is greater than or equal to the threshold urgency level. If at step 718, the application server 106 determines that evaluated urgency level is greater than or equal to the threshold urgency level, the process proceeds to step 720.
At step 720, the application server 106 may select the real-time transaction completion mode for completion of the online transaction. At step 722, upon the selection of the real-time transaction completion mode, the application server 106 may determine whether any payment mode of the first user 104a is saved at the service application 202 or with the merchant server 108. If at step 722, the application server 106 determines that the first transaction card of the first user 104a is saved with at least one of the service application 202 or with the merchant server 108, the process proceeds to step 724. At step 724, the application server 106 may prompt the first user 104a, through the first user device 102a, to complete the online transaction at the current time-instance using one of the temporary PIN or a virtual card linked to the first transaction card as the secondary information. Based on the prompting the first user 104a completes the online transaction using one of the temporary PIN or the virtual card and the process proceeds to step 714 of FIG. 7A. If at step 722, the application server 106 determines that the no payment mode of the first user 104a is saved, the process proceeds to step 726. At step 726, the application server 106 may prompt the first user 104a, through the first user device 102a, to complete the online transaction at the current time-instance using the digital wallet as the secondary information. Based on the prompting, the first user 104a completes the online transaction using the digital wallet and the process proceeds to step 714 of FIG. 7A.
If at step 718, the application server 106 determines that evaluated urgency level is less than the threshold urgency level, the process proceeds to step 728. At step 728, the application server 106 may select the delayed transaction completion mode for completion of the online transaction. At step 730, upon the selection of the delayed transaction completion mode, the application server 106 may set (or put) the online transaction on hold at the current time-instance so as to be completed at a later time-instance. At step 732, the application server 106 may determine whether the count of other user devices is less than the device threshold count. If at step 732, the application server 106 determines that the count of other user devices is greater than or equal to the device threshold count, the application server 106 keeps the online transaction on hold until the count of other user devices becomes less than the device threshold count. If at step 732, the application server 106 determines that the count of other user devices is less than the device threshold count, the process proceeds to step 734. At step 734, the application server 106 may prompt the first user 104a, through the first user device 102a, to complete the online transaction at the later time-instance using the primary information of the first transaction card (i.e., the payment mode). Based on the prompting, the first user 104a may complete the online transaction at the later time-instance using the primary information and the process proceeds to step 714 of FIG. 7A.
FIG. 8 represents a high-level flow chart 800 that illustrates a method for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure. At step 802, the application server 106 may detect initialization of an online transaction on the first user device 102. At step 804, the application server 106 may determine the count of other user devices that are present within the proximity distance 118 of the first user device 102a (as described in FIG. 2). The other user devices correspond to other users that are present within the proximity distance 118. At step 806, the application server 106 may evaluate the urgency level for the online transaction based on the transaction analysis data and the one or more preferences of the first user 104a (as described in FIGS. 3 and 5). The application server 106 may evaluate the urgency level when the count of other user devices is greater than or equal to the device threshold count. At step 808, based on evaluated urgency level, the application server 106 may prompt, the first user 104a, through the first user device 102a, to complete the online transaction at one of the later time-instance using the primary information of the payment mode or at the current time-instance using the secondary information of the payment mode. At step 810, the application server 106 may process the online transaction that is completed at one of the current time-instance or the later time-instance.
FIG. 9 represents a high-level flow chart 900 that illustrates a method for facilitating secure online transactions, in accordance with an exemplary embodiment of the disclosure. At step 902, the application server 106 may detect initialization of an online transaction on the first user device 102. At step 904, the application server 106 may determine the count of other user devices that are present within the proximity distance 118 of the first user device 102a (as described in FIG. 2). The other user devices correspond to other users that are present within the proximity distance 118. At step 906, the application server 106 may evaluate the urgency level for the online transaction based on the transaction analysis data and the one or more preferences of the first user 104a (as described in FIGS. 3 and 5). The application server 106 may evaluate the urgency level when the count of other user devices is greater than or equal to the device threshold count. At step 908, based on evaluated urgency level, the application server 106 may select one of the delayed transaction completion mode or the real-time transaction completion mode for completion of the initialized online transaction. In the delayed transaction completion mode, the online transaction is put on hold at the current time-instance and completed by the first user 104a at the later time-instance using the primary information of the payment mode. In the real-time transaction completion mode, the online transaction is completed by the first user 104a at the current time-instance using the secondary information of the payment mode. At step 910, the application server 106 may process the completed online transaction.
A person having ordinary skill in the art will appreciate that embodiments of the disclosed subject matter can be practiced with various computer system configurations, including multi-core multiprocessor systems, minicomputers, mainframe computers, computers linked or clustered with distributed functions, as well as pervasive or miniature computers that may be embedded into digitally any device. Further, the operations may be described as a sequential process, however some of the operations may in fact be performed in parallel, concurrently, and/or in a distributed environment by single or multiprocessor machines. In addition, in some embodiments the order of operations may be rearranged without departing from the spirit of the disclosed subject matter.
Thus, technological improvements in the application server 106 enable users (for example, the first through third users 104a-104c) to perform secure online transactions. The application server 106 ensures that the primary information of the payment mode of the first user 104a is not used to complete an online transaction in a public area. For example, when the online transaction is not urgent, the application server 106 defers the completion of the online transaction to the later time-instance t2 (i.e., when the first user 104a is in the private area). When the online transaction is urgent and the first user 104a is in the public area, the application server 106 provides an option to the first user 104a to complete the online transaction using the secondary information. Thus, the primary financial information of the first user 104a is safeguarded from financial fraud in the public area. The secondary information is temporary financial information of the payment mode that when compromised does not lead to fraudulent use of the payment mode. When the first user 104a is in a private area, the application server 106 reminds the first user 104a to set the secondary information for the payment mode, thereby ensuring that the first user 104a does not face any inconvenience due to the absence of the secondary information in the public area. By utilizing AI and machine learning algorithms, the application server 106 is able to evaluate an appropriate urgency level of an online transaction. For example, the first user 104a may select the ‘Yes’ button 406a for completing an online transaction at the current time-instance, even when the evaluated urgency level for the online transaction is ‘0’. The application server 106 may record this instance as a feedback and mark a similar online transaction for the next time as urgent.
Techniques consistent with the present disclosure provide, among other features, systems and methods for authenticating users for transactions. While various exemplary embodiments of the disclosed system and method have been described above it should be understood that they have been presented for purposes of example only, not limitations. It is not exhaustive and does not limit the disclosure to the precise form disclosed. Modifications and variations are possible in light of the above teachings or may be acquired from practicing of the disclosure, without departing from the breadth or scope.
Unless stated otherwise, terms such as “first” and “second” in claims are used to arbitrarily distinguish between the elements such terms describe. Thus, these terms are not necessarily intended to indicate temporal or other prioritization of such elements. The fact that certain measures are recited in mutually different claims does not indicate that a combination of these measures cannot be used to advantage. While various embodiments of the disclosure have been illustrated and described, it will be clear that the disclosure is not limited to these embodiments only. Numerous modifications, changes, variations, substitutions, and equivalents will be apparent to those skilled in the art, without departing from the spirit and scope of the disclosure, as described in the claims.